If it is required, it is not an example, and should probably be in the main text.
"username": REQUIRED for the initial Authorization Challenge Request.
"otp": The OTP collected from the user. REQUIRED when re-trying an Authorization Challenge Request in response to the otp_required error defined below.
If it is required, it is not an example, and should probably be in the main text.